Risk Assessment

Risk assessment is a vital component in BC (Business Continuity) planning. Through risk assessment, your company may determine what vulnerabilities your assets possess. Not only that, you’ll also be able to quantify the loss of value of each asset against a specific threat. That way, you can rank them so that assets that are most likely to cripple your business when say a specific disaster strikes can be given top priority.

However, a poorly implemented risk assessment may also cost you unnecessary expenditures. Many risk assessors are too enthusiastic in pointing out risks that, at the end of the assessment, they tend to over-appraise even those having practically zero probability of ever occurring.

We can assure you of a realistic assessment of your assets’ risks and propose cost-effective countermeasures. These are the things we can do:

Identify your unsafe practices and propose the best alternatives.
Perform qualitative risk assessment if you want fast results and lesser interruptions on your operations.
Perform quantitative risk assessment if you want the most accurate depiction of your risks and the corresponding justifiable costs of each.
Conduct frequency and consequence analysis to identify unforeseen harmful events and determine their effects to various components of your organisation and its surroundings.

We can also assist you with the following:

Check our similar posts

How Internal Auditors can win The War against Spreadsheet Fraud

To prevent another round of million dollar scandals due to fraudulent manipulations on spreadsheets, regulatory bodies have launched major offensives against these well-loved User Developed Applications (UDAs). Naturally, internal auditors are front and center in carrying out these offensives.

While regulations like the Sarbanes-Oxley Act, Dodd-Frank Act, and Solvency II can only be effective if end users are able to carry out the activities and practices required of them, auditors need to ascertain that they have. Sad to say, when it comes to spreadsheets, that is easier said than done.

Because spreadsheets are loosely distributed by nature, internal auditors always find it hard to: locate them, identify ownership, and trace their relationships with other spreadsheets. Now, we’re still talking about naturally occurring spreadsheets. How much more with files that have been deliberately tampered?

Spreadsheets can be altered in a variety of ways, especially if the purpose is to conceal fraudulent activities. Fraudsters can, for instance:

hide columns or rows,
perform conditional formatting, which changes the appearance of cells depending on certain values
replace cell entries with false values either through direct input or by linking to other spreadsheet sources
apply small, incremental changes in multiple cells or even spreadsheets to avoid detection
design macros and user defined functions to carry out fraudulent manipulations automatically

Recognising the seemingly insurmountable task ahead, the Institute of Internal Auditors released a guide designed specifically for the task of auditing user-developed applications, which of course includes spreadsheets.

But is this really the weapon internal auditors should be wielding in their quest to bring down spreadsheet fraud? Our answer is no. In fact, we believe no such weapon has to be wielded at all?because the only way to get rid of spreadsheet fraud is to eliminate spreadsheets once and for all.

Imagine how easy it would be for internal auditors to conduct their audits if data were kept in a centralised server instead of being scattered throughout the organisation in end-user hard drives.

And that’s not all. Because a server-based solution can be configured to have its own built-in controls, all your data will be under lock and key; unlike spreadsheet-based systems wherein storing a spreadsheet file inside a password-protected workstation does not guarantee equal security for all the other spreadsheets scattered throughout your company.

Learn more about Denizon’s server application solutions and discover a more efficient way for your internal auditors to carry out their jobs.

More Spreadsheet Blogs

Spreadsheet Risks in Banks

Top 10 Disadvantages of Spreadsheets

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

How Internal Auditors can win the War against Spreadsheet Fraud

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

Still looking for a Way to Consolidate Excel Spreadsheets?

Disadvantages of Spreadsheets

Spreadsheet woes – ill equipped for an Agile Business Environment

Spreadsheet Fraud

Spreadsheet Woes – Limited features for easy adoption of a control framework

Spreadsheet woes – Burden in SOX Compliance and other Regulations

Spreadsheet Risk Issues

Server Application Solutions – Don’t let Spreadsheets hold your Business back

Why Spreadsheets can send the pillars of Solvency II crashing down

amazon.co.uk

amazon.com

A Definitive List of the Business Benefits of Cloud Computing

When you run a Google search for the “benefits of cloud computing”, you’ll come across a number of articles with a good list of those. However, most of them don’t go into the details, which nevertheless might still suit some readers. But if you’re looking for compelling business reasons to move your company’s IT to the cloud, a peripheral understanding of what this technology can do for you certainly won’t cut it.

Now, cloud computing is not just one of those “cool” technologies that come along every couple of years and which can only benefit a particular department.?What we’re talking about here really is a paradigm shift in computing that can transform not only entire IT infrastructures but also how we run our respective organisations.

I hate to think that some people are holding back on cloud adoption just because they haven’t fully grasped what they’re missing. That is why I decided to put together this list. I wanted to produce a list that would help top management gain a deeper understanding of the benefits of the cloud.

Cloud computing is one bandwagon you really can’t afford not to jump into. Here are ten good reasons why:

1.?Zero?CAPEX and low TCO for an enterprise-class IT infrastructure

2. Improves cash flow

3. Strengthens business continuity/disaster recovery capabilities

4. Lowers the cost of analytics

5. Drives business agility

6. Ushers in anytime, anywhere collaboration

7. Enhances information, product, and service delivery

8. Keeps entire organisation in-sync

9. ?Breathes life into innovation in IT

10. Cultivates optimal environments for development and testing

Zero CAPEX and low TCO for an enterprise-class IT infrastructure

Most cloud adopters with whom I’ve talked to cite this particular reason for gaining interest in the cloud.

Of course they had to dig deeper and consider all other factors before ultimately deciding to migrate. But the first time they heard cloud services could give them access to enterprise class IT infrastructures without requiring any upfront capital investment, they realised this was something worth exploring.

A good IT infrastructure can greatly improve both your cost-effectiveness and your capability to compete with larger companies. The more reliable, fast, highly-available, and powerful it is, the better.

But then building such an infrastructure would normally require a huge capital investment for networking equipment, servers, data storage, power supply, cooling, physical space, and others, which could run up to tens or even hundreds of thousands of euros. To acquire an asset this costly, you’d have to take in debt and be burdened by the ensuing amortisation.

If you’ve got volumes of cash stashed in your vault, cost might not be a problem. But then if you really have so much savings, wouldn’t it be more prudent to use it for other sales-generating projects? An extensive marketing endeavour perhaps?

A capital expenditure of this magnitude and nature, which normally has to be approved by shareholders, can be regarded as a high financial risk. What if business doesn’t do well and you wouldn’t need all that computing power? What if the benefits expected from the IT investment are not realised??You cannot easily convert your IT infrastructure into cash.

Remember we’re talking about a depreciating asset. So even assuming you can liquidate it, you still can’t hope to sell it at its buying price. These factors are going to play in the minds of your Board of Directors when they’re asked to decide on this CAPEX.

Incidentally, these issues don’t exist in a cloud-based solution.

A cloud solution typically follows a pay-as-you-go utility pricing model where you get billed monthly (sometimes quarterly) just like your electricity. ?In other words, it’s an expense you’ll need to pay for?at the end of a period over which the service’s value would have already been realised. Compare that with a traditional infrastructure wherein you’ll have to spend upfront but the corresponding value will still have to be delivered gradually in the succeeding months or years.

From the point of view of your CFO, what could have been a CAPEX to acquire an asset that depreciates with time (and consequently reduces your company’s net worth), becomes a flexible operating expense (OPEX).?Truly, it is an operating expense that you can increase, decrease, or even totally discontinue, depending on what the prevailing business conditions demand.

People who think they have done the math in comparing cloud-based and traditional IT infrastructures claim that, although they see how cloud solutions transform CAPEX into OPEX, they really don’t see any significant difference in overall costs.

However, these people have only gone as far as adding up the expected monthly expenses of a cloud solution over the estimated duration of an equivalent IT infrastructure’s effective lifespan and comparing the sum with that IT infrastructure’s price tag. You won’t get a clear comparison that way.

You need to consider all factors that contribute to the infrastructure’s Total Cost of Ownership (TCO). Once you factor in the costs of electricity, floor space, storage, and IT administrators, the economical advantages of choosing a cloud solution will be more evident. Add to that the costs of downtime such as: interruptions to business operations, technical support fees, and the need to maintain expensive IT staff who spend most of their time “firefighting”, and you’ll realise just how big the savings of cloud adopters can be.

Still not convinced? Well, we’re still getting started.?On our next post, we’ll take a closer look at the additional benefits of paying under an OPEX model instead of a CAPEX model.

Contact Us

(+353)(0)1-443-3807 – IRL
(+44)(0)20-7193-9751 – UK

IT Transformation Defined

Businesses depend on IT to effectively manage business processes and to provide products and services to clients. As IT technologies advance, it is crucial that businesses update their hardware to remain competitive. But businesses should do more than simply upgrade their servers and should really strive to effect IT transformation.

What is IT Transformation?

IT transformation is the ongoing process of changing the way that a company uses IT to better align it with current business goals. Through the IT transformation process, businesses try to determine whether they are meeting mission-critical benchmarks through the incorporation of new IT technologies for corporate transformation.

For example, if one of the current business concerns is whether the company can improve customer service, the IT system will need to evolve in such a way that improves customer service in a measurable way.

Successfully Aligning the Technology to Business Goals

In order to successfully align the IT system with business goals, it is important to understand the newly integrated technologies to understand how they can change business processes. If a new feature is intended to make the server more secure, the management should know exactly how the feature will improve the security of the server and whether the new implementation is redundant.

Once the business objectives have been identified, IT transformation is carried out by changing both the software and hardware used by the company. An example would be the growing trend of server migration to the cloud. Cloud computing is the growing trend of making files and data accessible from anywhere. If an organisation believes that it can improve productivity through a server cloud migration, it will need a way to test this.

The IT Transformation Process

Given that IT transformation is directly related to the core business, the IT transformation process must begin by identifying which aspects of the company must be changed. Then, the company must determine?IT services that could potentially be integrated into the business in a way that will help the company achieve benchmarks. After the key decision-makers understand the IT network well enough to effectively implement it, the company must efficiently manage the transformation process. Then, after the IT has been integrated, the company must have a system in place to measure business transformation in a numerical way.

For example, when assessing customer satisfaction, one effective strategy would be to distribute customer satisfaction surveys that ask customers to rate their experiences on a scale of one to ten. The company can then measure the results of the customer satisfaction survey to determine whether the new IT implementations are accomplishing their intended goals.

If the expected benchmarks are not being met, the next step in the IT transformation process is to determine if there is a specific reason for that. Is there a way that the feature can be better integrated to achieve desired business objectives? Are there other features that can help the company better achieve its goals?

Upgrading a network can be an expensive process and it is important to identify early on which options are the most likely to benefit the company’s bottom line.